Report: Conficker worm bites University of Utah
More than 700 computers at the University of Utah have been infected with the Conficker worm.
The hit includes computers at the university's three hospitals, the Associated Press reported early Sunday.
University spokesman Chris Nelson said the outbreak was detected Thursday, the AP reported. By the next day, the worm had struck at the hospitals, medical school, and the nursing, pharmacy, and health colleges.
Patient records have not been touched, Nelson said. IT cut off Net access for up to six hours on Friday in order to isolate the virus, the AP reported.
Natalie Weinstein is an associate editor who works out of Austin, Texas. She spent a decade as a reporter and editor in the newspaper industry before joining the CNET News staff in 2000.

Ah no, Natalie dearest, not a virus.
Everyone pays the Apple tax..
Apple is only safe because of its security by obscurity, and as it continues to become popular, it will also start to get hit by viruses, worse, however than Windows, as most don't have AV software for it.
then explain how Mac OS9 had viruses ?
and OSX even after all these years still doesn't have even one
nor have been any massive outbreaks of any kind
It doesn't matter what the reason.. the excuse.. whatever.. you use to explain why Windows has thousands of viri/malware... it doesn't change the fact that using Windows on the internet is like sleeping with a prostitute. The "Windows Tax" is having to be wary of every email... and having to run one or two antivirus programs just to get by.
No matter what the reason.. no other operating system in history has been exploited more than Windows. There is an entire industry dedicated to making Windows work properly..
Also, if you can't understand why letting programs install without user interaction and integrating your web browser into the core of your OS has made Windows prone to such things.. you should read a little more. The Mac OS and Linux are not fool-proof.. but they don't allow the things that Windows so eagerly allows... hence the ***** analogy.
Security by Obscurity is a canard. For years, Apache dominated the web server space (still does) yet IIS has the vast bulk of security exploits. By the reasoning of 'security by obscurity', Apache should have been releasing critical updates weekly. Microsoft actually got serious about IIS and it's been much better over the last couple years.
If you bother to look, you'll find examples of this over and over in IT.
OS X has had security exploits, generally exploits in the Open Source software that Apple bundles into OS X. These same exploits were in Linux.
There have been no viruses affecting OS X. There have been no self-replicating. There have been some trojans that required a user to download a file, run it, and enter an administrator password.
The reality is..
OS X shares a significant portion of its code with FreeBSD and Linux by way of GNU software. Somehow, Apple detractors point to Linux as a counter to Apple, even in the security by obscurity argument.
There are [Only] Tens of Millions of OS X boxes in the wild, many in the hands of *nix folk who moved to PowerBooks because of slow Linux driver releases for 'Windows' laptop hardware. It has disproportionate installed base at Universities [roughly equal to Windows in the Physical Sciences at my Research University].. which are prime targets {lots of bandwidth, open networks, often poor management - privately owned on network}.
Somehow all these targets with no exploits.. it'd undeniably be a Huge feather in the cap of the Cracker who is first to embarrass Apple and yet it's Security by Obscurity that keeps Apple safe.
BS
In general, Universities are not well secured. I know, I've worked IT at two large Universities.
In general, networks are open. It's just the nature of academia to NOT hamper the researchers by limiting what they can do with the network. The most security you'll generally get at the network level is SMB port blocking at the network border and some network monitoring.
Machines tend to show up without the knowledge of IT. Machines are purchased on Grant, not by central budgets. Personal machines show up all the time, particularly from students and that doesn't just mean laptops that hop on and off the net. Grad Students are essentially free labor for whatever the researchers need so they tend to be given the task of 'computer person' regardless of their skills.
I have to say, I'm not at all surprised that there are un-patched machines on their network. We just got an email from someone wondering whether their Windows 95 boxes are vulnerable (I've got plenty of DOS out there.. running custom Research apparatus).
I'm just surprised that the Hospitals were affected. At least HIPAA provides the political push to central management of the machines and to demand tight control over the networks.
LAZY admins. It takes a few days on a test environment to test the patch. Security patches RARELY affect the functionality of software; it's when you do major things, like install a major service pack or upgrade major software (Like upgrading from SQL 2005 to SQL 2008) that issues appear.
Hey Mac fanboys, Health Care ENTERPRISE IT DOESN'T EXIST ON OSX. Apple needs to remove the fascist control of their OS (Read EFI-X will make this happen) before any major corporation will accept OSX.
Could you explain what you're talking about?
Did anyone here claim that Apple was big in Health Care IT Infrastructure? I know they're big in Biological sciences but I can't comment on real Health Care IT. I would suspect you're right. Apple doesn't play in Enterprise IT like Microsoft. Apple simply doesn't provide integrated Enterprise IT solutions like MS.. it's not their market.
I'm more confused by the "fascist control of their OS" bit. Are you upset that you can only get some of OS X's source code from the Darwin project? ..as opposed to the Windows source code available at...
If you're just talking about Apple licensing OS X on other hardware (you mention EFI).. how exactly does that affect Apple's Enterprise efforts? Will booting OS X on Dell magically *Poof* into existence some OS X analog to AD, Exchange Server, heck.. maybe Amalga (an integrated MS Hospital Admin system)?
"Imagine how long it must take to update all of the computers. Also, some of the medical computers may be in use 24/7 so they couldn't update it"
Considering it's an automatic update that doesn't require any user action on their part to get it installed, and the reboot can be delayed until you would normally shut down/restart for other reasons... yeah, it's a curiosity that any IT department could be that incompetent or lax. I expect there will be some new openings at that location shortly to replace a few IT folks who failed to update the systems and let the machines get affected... six months *after* the fix was released.
HIPAA regulations alone have been violated by this breach of standards. Not a good thing at all for a hospital. As for a University? Yes, they tend to be a bit behind, but six months is no excuse. Since the updates can be rolled out system wide very easily, that isn't an excuse either.
IT departments don't buy Macs due to software compatibility, high cost of the hardware and complete lack of serviceability. Case in point: I want to install ram in a standard PC tower, all I do is take the side door off and pop in two ram modules.
Installing Ram in a Mac Mini: Get out two putty knives. Pop the case off. Remove 3-4 screws. Remove optical drive and hard drive assembly. Place to side. Install two SO-DIMMS (Yes the Mac mini uses the laptop Core2Duo, which is not nearly as powerful as the Core2Duo LGA775 or a Core2Quad system). Reverse order. This takes usually at least 15-20 minutes, vs. 3 minutes.
The iMac. Power Supply blows. That'll be $400 from the Apple store, part is not in stock and takes at least 2-4 days to get, power supply is not ATX. Machine has to be totally torn apart to have the PSU unit replaced. On a standard ATX desktop this is trivial: pop off the case cover, remove 4 screws to support the PSU and remove the power supply cables. Install new PSU in reverse.
EFI-X will allow enterprises to afford upgradable, serviceable "macs". This in turn will stimulate software development which will actually get enterprise software developers to make good software for Macs that can rival Windows.
Apple could easily compete with Microsoft on an OS level if OSX was released for standard PC hardware. This is counter-intuitive to their business model however, which relies on tight fascist control of hardware and software and stupid limitations not found on other devices (soldered batteries on the iPhone)
It was/is the University of Utah Medical Center. The only thing the two have in common is the University of Utah's medical school that is run within the Medical Center (and of course the common name).
By all means sir - what with each Mac failing the Pwn to Own contest, what exactly do you expect to happen when Windows goes defunct in your little world?
When I mean Mac failing all of them btw, I mean that every time the Pwn-to-Own is run, Macs software is compromised first, followed then by windows, and lastly Linux (They all go down, it's the degree of difficulty behind it really...)
First off OSX wasn't hacked it was the safari browser
and all other browsers were hacked other than opera !
secondly Pwn-to-own is a joke !
and even the guy who won the competition recommended Macs in his interview !
"First off OSX wasnt hacked it was the safari browser"
Correction: The OS allowed the browser to breach it. No browser should be allowed to breach the OS to the point that the OS itself is now vulnerable. That, my good sir, is a hacking of the OS itself. The end result is that the machine was compromised.
It's hard to deny the reality of the situation, but you are free to keep spinning it however you wish. The end results are the same.
by mraardvark April 12, 2009 11:10 AM PDT
I find it really pathetic that an IT department large enough to manage three hospitals and med school failed to apply a patch available for months for a common well-known worm. It's the people that don't properly maintain their systems that help most of this stuff propagate in the first place.
---------------------------------------
You're jumping to a big conclusion here - this worm spreads by multiple vectors not just the one that is closed by the October patch. The worm could have gotten in to the system via a shared USB memory stick for example, or other paths.
it wasn't a Virus or a worm any way so what's your point ?
if you're looking for a safe browser OTOH I recommend opera BTW and it's free !
WSUS, MBSA, and IT Department FAIL.
Here is a link to a recent article pointing out that viruses are starting to hit MACs as they gain popularity.
http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html
and here is the MAC version of Norton's anti virus. Hmmm I wonder why that is needed?
http://www.symantec.com/norton/macintosh/antivirus
Truth is that the MAC is posing a security threat to our internet as we know it, Since less than 1% of all MACS have an anti virus loaded, it is entirely feasible that the terrorists have planted little snippets of code, that is sitting, waiting for instruction. Since most MACS are not protected, it is entirely possible.
I own both a MAC and a PC. I like both, but both are protected from virus. Difference is I had to pay for the MAC version. while the PC version is free.
I'll add one thing, there are Macintosh anti-virus applications, one of which I recommend to my clients, because Macintoshes will happily pass along Word Macro Viruses.
And seriously, a link from an anti-virus company as your proof that Mac users should buy anti-virus software?
I can't say I would expect anything better from someone who repeatedly calls a Macintosh a "MAC". A "MAC" is a Media Access Control number. It's the unique hardware address on a Network interface. A Macintosh is a "Mac".
P.S. You can download free anti-virus software for the Mac. ClamXAV. You CAN'T, however, download free anti-virus software for the MAC. Maybe that was your problem.
if you are using av software on a mac you're crazy
"all I can say is that
if you are using av software on a mac you're crazy"
That's exactly what criminals, hackers, and other lowlifes that want to compromise your system want the public to think and do. They want you to not take any precautions or be security aware.
Makes me wonder why Seven7dust is so adamant about telling people NOT to take any security precautions on their systems. Interesting and a bit suspicious.
@Vegaman_Dan
the AV software will be worthless any way cause even if some new exploit comes along it won't be able to prevent it
which is why using AV software on a Mac is worthless and only a fool's errand !
You sir are an idiot.
I have no idea what you're talking about ! nobody has made a Virus yet for OSX
yes not even once has it happened !
So how exactly will I get affected again !
Go to any Apple store and check all the Macs on Display no Anti-virus installed !
I've asked many long time Mac users and none of them have ever used Av
I'm not saying that Macs are 100% secure just saying that even if a virus is created
for the Mac O.S AV software won't be able to Prevent it !
How about you leave the Mac Stuff to Mac users !
cause you are clearly ignorant !
Unless the university refused to pay for licensing (which I doubt) there is simply no excuse for the university's IT staff to let that happen. There should be some house cleaning after this is all fixed up.
I'm sorry, but to put it bluntly, it's sloppy, complacent, useless sysadmins and fragmented, outsourced IT departments who know sod all about IT security, obviously don't read the news, and obviously don't give a crap about the quality of their workmanship who have allowed this worm to infect so many PC's all around the world. Period.
I know that's a very general statement, but if these so called IT departments and 'sysadmins' had reacted in October and deployed the patch, killed autorun in group policy and audited their network passwords the impact of this worm would have been much much lower. In reality, there is no defense and no excuse for complacency and stupidity, especially when this damn worm has been a top news item for months.
You can still hope, but osx was built onto unix, which is a very secure operating system built from the ground up to handle multiple users. Apple does release security updates from time to time, but I have no virus-checking software.
[CNET editors' note: Personal attack deleted.]
http://news.cnet.com/8301-1009_3-10154662-83.html
"The Macintosh and base Linux kernel operating systems have dominated the top spots for vulnerabilities by operating system over the past three years"
Any virus, to be installed on a mac, needs to be allowed to install on a system, which requires an administrator's password.
Who uses Safari? Uninformed/new/noobish computer users, same as PC users that get infected. Virus writers don't write hacks that can infiltrate any computer running (xyz) OS, they write viruses knowing that undoubtedly there will be inept computer users who see an email attachment and think 'hmm i wonder what this is' and unthinkingly double click it.
"Who uses Safari? Uninformed/new/noobish computer users, same as PC users that get infected. Virus writers don't write hacks that can infiltrate any computer running (xyz) OS"
Of course, it's Apple's web browser that comes into every mac. Just like IE dominated because it was installed in every Windows, which is the most used OS.
I doubt my workplace is the only one with these types of issues. IT departments really need to be independent from admins' ax to really be able to properly secure a network.
Excellent points and something that hasn't been brought up before in this thread.
Even if you aren't running windows servers and active directory, you can still configure a local security policy w/ update settings that can be deployed via login scripts.
To simply justify not updating windows and antivirus definitions because one doesn't have time just isn't a logical argument. There are far too many tools available to the IT administrators today to centrally manage and deploy updates/settings network wide.
I hate to say it, but if the IT staff at this University doesn't know how to do that, then I think they need a new IT staff.
As a University Enterprise Administrator I have first hand experience with this yet sometimes it is easier to ask forgiveness than permission so we take all precautions necessary.
As far as what one commenter wrote about the systems having to be up 24x7...BUNK!
We take those type of systems into consideration but a few minutes to restart is a hell of a lot better than having the machine down for hours due to an infection.
Now getting management to allow you to do such a thing in an IT group is another matter altogether.
While I agree with you about shutting down the ports (which we do), the network is not the sole vector. People using their personal thumbdrives has been the issue for us but we spot them quickly and get them off the network and an End User Service Analyst is dispatched to either clean or reimage the system and attempt to locate the thumbdrive.
All of this costs the department and/or division that was infected since we patch the systems and apply daily AV signatures which usually restricts the infection.
Also once a system is truly infected (none so far, knock on wood) we pass the info to the ISO team and they determine whether it is going to cost the dept/div. to re-enable the network port.
Enjoy that, AppleRocks.
I assume you are aware that people can run Windows on Macs and this is quite common these days?
Your attempt to look witty and superior has only resulted in making Mac users appear to be snobbish ignorant fools. That's not exactly the image I think Apple wants to portray their users like. You're not helping Apple at all with these sorts of comments, AppleRocks1963.
- by The_happy_switcher April 13, 2009 9:26 AM PDT
- Windows: Life without walls. So, the windows just sort of float magically. And, they just hang there. Much in the same way windows users are just left there hanging by Microsoft bug-ridden software.
- by Vegaman_Dan April 13, 2009 10:44 AM PDT
- Yep, you definitely are going out of your way to embarrass Macintosh users at this point with your comments.
- by The_happy_switcher April 13, 2009 11:03 AM PDT
- Anyone who would be 'embarrassed' by message board posting obviously has self-esteem issues.
- by CrashPad63 April 14, 2009 6:26 AM PDT
- Applesucks, you would be the poster child.
Grow up.